Список литературы

2518-1092

Research result. Information technologies

2518-1092

10.18413/2518-1092-2020-5-2-0-4

2073

INFORMATION SYSTEM AND TECHNOLOGIES

IMPROVED GRAPHICAL AUTHENTICATION  ALGORITHM WITH ANTI-SPYING PROTECTION 

Kakaev

Denis Valerievich

Kakaev

Denis Valerievich

619deniss61999@gmail.com

Devitsyna

Svetlana Nikolaevna

Devitsyna

Svetlana Nikolaevna

sndevitsyna@sevsu.ru

2020

5200

This article provides an example of implementing graphical user authentication based on a triangle scheme. The relevance of the research is due to the need to protect user-entered identifiers from shoulder surfing. The problem of protection against spying when entering identifiers, such as passwords, pin codes, CAPTCHA characters, occurs because some information systems are located in rooms with a large number of people. The most common such systems are terminals and ATMs. In this case, peeping becomes a method of stealing password information, and is widely used by an attacker. One solution to this problem is to use graphical authentication with anti-peeping protection. At the moment, there are no reliable graphical authentication modules that exclude the possibility of spying on password information. Standard algorithms for implementing graphical authentication schemes with protection from shoulder surfing have a number of problems with security and usability. The proposed method provides sufficient security and eliminates hacking attempts, even if the attacker observes the passage of graphical authentication. The article presents the description of a new approach to graphical authentication based on the schema of the triangle. The results of testing the app on real users are described. Based on login statistics and a survey of participants, conclusions are made about the results of the application. 

authenticationinformation systemLinux-PAMgraphical authenticationbrutforce

Список литературы

Habr, 2011. Practical recommendations for choosing passwords based on the results of hacking antichat.ru. URL: https://habr.com/ru/post/122633 (date of circulation: 08.05.2020).

Hackware, 2017. Brut-force websites: instructions for using patator, Hydra, Medusa. URL: https://hackware.ru/?p=1453 (date of circulation: 07.05.2020).

IBM. Understanding and configuring PAM. URL: https://www.ibm.com/developerworks/ru/library/l-pam (date of circulation:  08.05.2020)

Kaspersky. How to create a strong password. URL: https://support.kaspersky.ru/common/windows/3730 (date of circulation: 08.05.2020)

Somemoreinfo, 2017. Protecting the site from overwriting the URL password: http://somemoreinfo.ru/zashhita-sajta-ot-perebora-parolya (date of circulation: 03.05.2020).

Studbooks, 2020. A simple diagram of the graphic. URL: https://studbooks.net/2410599/informatika/prostaya_shema_graficheskogo_parolya (date of circulation: 01.05.2020).

Akushuev, R.T., 2020. Authentication and identification as a method of information security. E-SCIO, 1(40): 442-447. URL: https://elibrary.ru/item.asp?id=42500999& (date of circulation: 10.05.2020).

Budko, E.G., 2010. Graphical authentication in Linux. URL: https://www.bibliofond.ru/view.aspx?id=607209 (date of circulation: 08.05.2020).

ZHuk, A.P. etc. 2019. Information protection. URL: https://znanium.com/catalog/product/937469 (date of circulation: 02.05.2020).